CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2001

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
751 CVE-2001-0789 DoS Exec Code 2001-10-18 2018-11-28
10.0
None Remote Low Not required Complete Complete Complete
Format string vulnerability in avpkeeper in Kaspersky KAV 3.5.135.2 for Sendmail allows remote attackers to cause a denial of service or possibly execute arbitrary code via a malformed mail message.
752 CVE-2001-0788 2001-10-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows remote attackers to obtain an absolute path for the server directory by viewing the Location header.
753 CVE-2001-0787 2001-10-18 2017-10-10
4.6
None Local Low Not required Partial Partial Partial
LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges.
754 CVE-2001-0786 2001-10-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file.
755 CVE-2001-0785 Dir. Trav. 2001-10-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal in Webpaging interface in Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows allows remote attackers to read arbitrary files via a .. (dot dot) attack.
756 CVE-2001-0784 Dir. Trav. 2001-10-18 2017-10-10
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters.
757 CVE-2001-0783 2001-10-18 2017-12-19
5.0
None Remote Low Not required Partial None None
Cisco TFTP server 1.1 allows remote attackers to read arbitrary files via a ..(dot dot) attack in the GET command.
758 CVE-2001-0782 +Priv 2001-10-18 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file.
759 CVE-2001-0781 284 Exec Code Overflow 2001-05-30 2017-12-19
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to execute arbitrary code via a long argument to the commands (1) CWD or (2) LIST.
760 CVE-2001-0780 22 Dir. Trav. 2001-10-18 2016-05-25
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a .. (dot dot) in the SHOW parameter.
761 CVE-2001-0779 Overflow 2001-10-18 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username.
762 CVE-2001-0778 2001-10-18 2017-12-19
5.0
None Remote Low Not required None Partial None
OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source code via a GET request with the URL-encoded symbol for a space (%20).
763 CVE-2001-0777 DoS 2001-10-18 2017-12-19
5.0
None Remote Low Not required None None Partial
Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests for PHP scripts.
764 CVE-2001-0776 DoS Overflow 2001-10-18 2017-12-19
5.0
None Remote Low Not required None None Partial
Buffer overflow in DynFX MailServer version 2.10 allows remote attackers to conduct a denial of service via a long username to the POP3 service.
765 CVE-2001-0775 119 Exec Code Overflow 2001-10-18 2016-05-20
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field.
766 CVE-2001-0774 +Priv 2001-10-18 2017-10-10
4.6
None Local Low Not required Partial Partial Partial
Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite arbitrary files and possible gain privileges via a symbolic link attack on temporary files.
767 CVE-2001-0773 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
Cayman 3220-H DSL Router 1.0 allows remote attacker to cause a denial of service (crash) via a series of SYN or TCP connect requests.
768 CVE-2001-0772 DoS Overflow +Priv 2001-10-18 2017-12-19
4.6
None Local Low Not required Partial Partial Partial
Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges.
769 CVE-2001-0771 264 2001-10-18 2018-11-29
7.5
None Remote Low Not required Partial Partial Partial
Spytech SpyAnywhere 1.50 allows remote attackers to gain administrator access via a single character in the "loginpass" field.
770 CVE-2001-0770 Exec Code Overflow 2001-10-18 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in GuildFTPd Server 0.97 allows remote attacker to execute arbitrary code via a long SITE command.
771 CVE-2001-0769 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
Memory leak in GuildFTPd Server 0.97 allows remote attackers to cause a denial of service via a request containing a null character.
772 CVE-2001-0768 +Priv 2001-10-18 2017-12-19
4.6
None Local Low Not required Partial Partial Partial
GuildFTPd 0.9.7 stores user names and passwords in plaintext in the default.usr file, which allows local users to gain privileges as other FTP users by reading the file.
773 CVE-2001-0767 Dir. Trav. 2001-10-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers to list or read arbitrary files and directories via a .. in (1) LS or (2) GET.
774 CVE-2001-0766 Bypass 2001-10-18 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters.
775 CVE-2001-0765 2001-10-18 2017-10-10
4.6
None Local Low Not required Partial Partial Partial
BisonFTP V4R1 allows local users to access directories outside of their home directory by uploading .bdl files, which can then be linked to other directories.
776 CVE-2001-0764 Exec Code Overflow 2001-10-18 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in ntping in scotty 2.1.0 allows local users to execute arbitrary code via a long hostname as a command line argument.
777 CVE-2001-0763 Exec Code Overflow 2001-10-18 2018-05-03
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function.
778 CVE-2001-0762 Exec Code Overflow 2001-10-18 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in su-wrapper 1.1.1 allows local users to execute arbitrary code via a long first argument.
779 CVE-2001-0761 Exec Code Overflow 2001-10-18 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in HttpSave.dll in Trend Micro InterScan WebManager 1.2 allows remote attackers to execute arbitrary code via a long value to a certain parameter.
780 CVE-2001-0760 2001-10-18 2017-10-10
5.0
None Remote Low Not required Partial None None
Citrix Nfuse 1.51 allows remote attackers to obtain the absolute path of the web root via a malformed request to launch.asp that does not provide the session field.
781 CVE-2001-0759 Exec Code Overflow 2001-10-18 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows local users to execute arbitrary code via a file or directory with a long pathname, which is processed during an unmount.
782 CVE-2001-0758 Dir. Trav. 2001-10-18 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Directory traversal vulnerability in Shambala 4.5 allows remote attackers to escape the FTP root directory via "CWD ..." command.
783 CVE-2001-0757 2001-10-18 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC card does not properly disable access when a password has not been set for vtys, which allows remote attackers to obtain access via telnet.
784 CVE-2001-0756 Exec Code 2001-10-18 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
CatalogMgr.pl in VirtualCatalog (incorrectly claimed to be in VirtualCart) allows remote attackers to execute arbitrary code via the template parameter.
785 CVE-2001-0755 DoS Exec Code Overflow 2001-10-18 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows attackers to cause a denial of service and possibly execute arbitrary code via a long SITE command.
786 CVE-2001-0754 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets.
787 CVE-2001-0753 +Priv 2001-10-18 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges.
788 CVE-2001-0752 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set.
789 CVE-2001-0751 2001-10-18 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections.
790 CVE-2001-0750 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999.
791 CVE-2001-0749 2001-05-24 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to read arbitrary files via a webserver root directory set to system root.
792 CVE-2001-0748 20 2001-10-18 2017-07-11
5.0
None Remote Low Not required Partial None None
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI.
793 CVE-2001-0747 DoS Exec Code Overflow 2001-10-18 2017-08-17
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in iPlanet Web Server (iWS) Enterprise Edition 4.1, service packs 3 through 7, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long method name in an HTTP request.
794 CVE-2001-0746 DoS Exec Code Overflow 2001-10-18 2017-12-19
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with (1) GETPROPERTIES, (2) GETATTRIBUTENAMES, or other methods.
795 CVE-2001-0745 +Info 2001-10-18 2017-10-10
5.0
None Remote Low Not required Partial None None
Netscape 4.7x allows remote attackers to obtain sensitive information such as the user's login, mailbox location and installation path via Javascript that accesses the mailbox: URL in the document.referrer property.
796 CVE-2001-0744 2001-10-18 2008-09-10
2.1
None Local Low Not required None Partial None
Horde IMP 2.2.4 and earlier allows local users to overwrite files via a symlink attack on a temporary file.
797 CVE-2001-0743 DoS 2001-10-18 2008-09-05
5.0
None Remote Low Not required None None Partial
Paging function in O'Reilly WebBoard Pager 4.10 allows remote attackers to cause a denial of service via a message with an escaped ' character followed by JavaScript commands.
798 CVE-2001-0742 Overflow 2001-10-18 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Computalynx CMail POP3 mail server 2.4.9 allows remote attackers to run arbitrary code via a long HELO command.
799 CVE-2001-0741 DoS 2001-10-18 2017-10-10
2.1
None Local Low Not required None None Partial
Cisco Hot Standby Routing Protocol (HSRP) allows local attackers to cause a denial of service by spoofing HSRP packets.
800 CVE-2001-0740 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router software 1.1.9 and earlier, allows remote attackers to cause a denial of service via a long string containing a large number of "%s" strings, possibly triggering a format string vulnerability.
Total number of vulnerabilities : 1677   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 (This Page)17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.